Cyber Resilience

CWE · MITRE source

CWE-908Use of Uninitialized Resource

Abstraction: Base · CVEs in our corpus: 773

The product uses or accesses a resource that has not been initialized.

When a resource has not been properly initialized, the product may behave unexpectedly. This may lead to a crash or invalid memory access, but the consequences vary depending on the type of resource and how it is used within the product.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 1 mapping(s) from 1 framework(s): ATT&CK 1 (partial)

See the full cumulative-coverage rollup →

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2024-29745 KEV UPD10.05.50.00482024-04-05
CVE-2024-50302 KEV10.05.50.00812024-11-19
CVE-2025-5777 KEV UPD10.07.50.99902025-06-17
CVE-2007-17518.00.00.60842007-06-12
CVE-2008-00818.09.80.57912008-01-16
CVE-2020-19348.05.30.51952020-04-01
CVE-2023-249418.09.80.94682023-05-09
CVE-2012-18917.09.80.29412012-07-10
CVE-2015-83907.09.80.04622015-12-02
CVE-2018-50957.09.80.04272018-06-11
CVE-2018-145517.09.80.04032018-07-23
CVE-2019-00067.09.80.05262019-01-15
CVE-2019-96417.09.80.09402019-03-09
CVE-2019-98057.09.80.01212019-04-26
CVE-2019-127307.09.80.03032019-06-04
CVE-2019-73217.09.80.03212019-06-13
CVE-2019-50677.09.80.03412019-09-18
CVE-2019-159007.09.80.02112019-10-18
CVE-2019-105417.09.80.00912019-11-06
CVE-2019-140527.09.80.00912020-09-08
CVE-2020-247537.09.80.02642020-09-17
CVE-2020-358787.09.80.01522020-12-31
CVE-2020-358887.09.80.01522020-12-31
CVE-2021-259057.09.10.01642021-01-26
CVE-2021-263057.09.80.01692021-01-29